2c457d8be5e17f4424655f20f2ea5c77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c457d8be5e17f4424655f20f2ea5c77_JaffaCakes118
Size

179KB
MD5

2c457d8be5e17f4424655f20f2ea5c77
SHA1

62abf0f69be8b4ae96b546aa57f495e1c444dc0a
SHA256

41b9c39b6660b931345ecca0eb0c769e5a6970afa33f10cce5a6bed3b7beb911
SHA512

e738e4d96f8d6c1be5af051dbbea42170eb0c2881747e2e9bb3939111094bbb053267829fb35887571ebb97afb018e3c88ed46b958832aa49ff00adb110adb51
SSDEEP

3072:pEVZoPG/dqi2ia8+ibaTr6CEe5QkHcQOej8Ewpt4kAEwP6huL:KPoPG/yiDVUieW1wqprEPn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c457d8be5e17f4424655f20f2ea5c77_JaffaCakes118

Files

2c457d8be5e17f4424655f20f2ea5c77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2329d07c88acb09de7280134fd63f072

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

ole32

CoInitialize
CoCreateInstance
CoUninitialize
StringFromGUID2
CoCreateGuid
CoSetProxyBlanket

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

GetTickCount
LeaveCriticalSection
GetThreadPriority
GetConsoleMode
GetLocaleInfoW
GetFullPathNameW
SetEndOfFile
GetUserDefaultLCID
SetUnhandledExceptionFilter
LCMapStringA
WideCharToMultiByte
InterlockedIncrement
EnumSystemLocalesA
HeapFree
FlushFileBuffers
GlobalAlloc
HeapCreate
TlsSetValue
InterlockedDecrement
SetFilePointer
GetCurrentProcessId
UnhandledExceptionFilter
GetEnvironmentStrings
WriteFile
GetCPInfo
FreeEnvironmentStringsW
GetLocaleInfoA
IsDebuggerPresent
SetCommTimeouts
HeapDestroy
Sleep
ExitProcess
FreeEnvironmentStringsA
ReadFile
InitializeCriticalSection
RtlUnwind
GetProcessHeap
GetCurrentProcess
GetCommandLineA
EnterCriticalSection
VirtualFree
GetConsoleCP
TlsGetValue
GetModuleFileNameW
EnumResourceNamesA
HeapSize
GetModuleFileNameA
GetLastError
GetCurrentThreadId
MultiByteToWideChar
SetLastError
CloseHandle
GetVersionExA
GetOEMCP
TlsAlloc
GetACP
TlsFree
GetEnvironmentStringsW
GetSystemTimeAsFileTime
WriteConsoleW
GetModuleHandleA
HeapAlloc
GetStdHandle
SetStdHandle
ExitProcess
LoadLibraryA
SetHandleCount
VirtualAlloc
GetCurrentDirectoryW
GetStartupInfoA
CreateFileA
HeapReAlloc
IsValidCodePage
IsValidLocale
LCMapStringW
GetStringTypeW
GetConsoleOutputCP
QueryPerformanceCounter
RaiseException
TerminateProcess
DeleteCriticalSection
GetProcAddress
GetStringTypeA
WriteConsoleA
GetFileType
GetFullPathNameA

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

shlwapi

SHDeleteKeyW

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2329d07c88acb09de7280134fd63f072

Headers

File Characteristics

Imports

user32

rpcrt4

ole32

advapi32

kernel32

shell32

shlwapi

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 23KB

.crt Size: 512B - Virtual size: 348KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 23KB

.crt
Size: 512B - Virtual size: 348KB